[AO][SERVERLESS] Fix Custom Threshold rule tests for Serverless (#166942)

## Summary

Fixes #165569
Fixes #166617
Fixes #166618
Fixes #166619
Fixes #166620
Faisal Kanout 2023-09-29 12:24:51 +03:00 committed by GitHub
parent 5b0ec2e92d
commit 4c1ca7e92f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
23 changed files with 553 additions and 296 deletions


@ -0,0 +1,25 @@
{
"_meta": {
"documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-base.html",
"ecs_version": "8.0.0"
},
"template": {
"mappings": {
"properties": {
"@timestamp": {
"type": "date"
},
"labels": {
"type": "object"
},
"message": {
"type": "match_only_text"
},
"tags": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
}


@ -0,0 +1,24 @@
{
"_meta": {
"documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-event.html",
"ecs_version": "8.0.0"
},
"template": {
"mappings": {
"properties": {
"event": {
"properties": {
"dataset": {
"ignore_above": 1024,
"type": "keyword"
},
"module": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
}
}
}


@ -0,0 +1,189 @@
{
"_meta": {
"documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-host.html",
"ecs_version": "8.0.0"
},
"template": {
"mappings": {
"properties": {
"host": {
"properties": {
"architecture": {
"ignore_above": 1024,
"type": "keyword"
},
"cpu": {
"properties": {
"usage": {
"scaling_factor": 1000,
"type": "scaled_float"
}
}
},
"disk": {
"properties": {
"read": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"write": {
"properties": {
"bytes": {
"type": "long"
}
}
}
}
},
"domain": {
"ignore_above": 1024,
"type": "keyword"
},
"geo": {
"properties": {
"city_name": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_code": {
"ignore_above": 1024,
"type": "keyword"
},
"continent_name": {
"ignore_above": 1024,
"type": "keyword"
},
"country_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"country_name": {
"ignore_above": 1024,
"type": "keyword"
},
"location": {
"type": "geo_point"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"postal_code": {
"ignore_above": 1024,
"type": "keyword"
},
"region_iso_code": {
"ignore_above": 1024,
"type": "keyword"
},
"region_name": {
"ignore_above": 1024,
"type": "keyword"
},
"timezone": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"hostname": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"ip": {
"type": "ip"
},
"mac": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"network": {
"properties": {
"egress": {
"properties": {
"bytes": {
"type": "long"
},
"packets": {
"type": "long"
}
}
},
"ingress": {
"properties": {
"bytes": {
"type": "long"
},
"packets": {
"type": "long"
}
}
}
}
},
"os": {
"properties": {
"family": {
"ignore_above": 1024,
"type": "keyword"
},
"full": {
"fields": {
"text": {
"type": "match_only_text"
}
},
"ignore_above": 1024,
"type": "keyword"
},
"kernel": {
"ignore_above": 1024,
"type": "keyword"
},
"name": {
"fields": {
"text": {
"type": "match_only_text"
}
},
"ignore_above": 1024,
"type": "keyword"
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"uptime": {
"type": "long"
}
}
}
}
}
}
}


@ -0,0 +1,18 @@
{
"_meta": {
"ecs_version": "8.0.0"
},
"template": {
"mappings": {
"properties": {
"metricset": {
"properties": {
"interval": {
"type": "long"
}
}
}
}
}
}
}


@ -0,0 +1,69 @@
{
"_meta": {
"ecs_version": "8.0.0"
},
"template": {
"mappings": {
"properties": {
"system": {
"properties": {
"cpu": {
"properties": {
"cores": {
"type": "integer"
},
"system": {
"properties": {
"pct": {
"type": "float"
}
}
},
"total": {
"properties": {
"norm": {
"properties": {
"pct": {
"type": "float"
}
}
}
}
},
"user": {
"properties": {
"pct": {
"type": "float"
}
}
}
}
},
"network": {
"properties": {
"in": {
"properties": {
"bytes": {
"type": "long"
}
}
},
"name": {
"ignore_above": 1024,
"type": "keyword"
},
"out": {
"properties": {
"bytes": {
"type": "long"
}
}
}
}
}
}
}
}
}
}
}


@ -0,0 +1,52 @@
{
"_meta": {
"description": "Sample composable template that includes all ECS fields",
"ecs_version": "8.0.0"
},
"composed_of": [
"ecs_8.0.0_base",
"ecs_8.0.0_event",
"ecs_8.0.0_host",
"ecs_8.0.0_metricset",
"ecs_8.0.0_system"
],
"index_patterns": [
"kbn-data-forge-fake_hosts"
],
"priority": 1,
"template": {
"mappings": {
"_meta": {
"version": "1.6.0"
},
"date_detection": false,
"dynamic_templates": [
{
"strings_as_keyword": {
"mapping": {
"fields": {
"text": {
"norms": false,
"type": "text"
}
},
"ignore_above": 1024,
"type": "keyword"
},
"match_mapping_type": "string"
}
}
]
},
"settings": {
"index": {
"codec": "best_compression",
"mapping": {
"total_fields": {
"limit": 2000
}
}
}
}
}
}


@ -8,7 +8,7 @@
import lodash from 'lodash';
import type { Moment } from 'moment';
export { template } from './template';
export { indexTemplate } from './index_template_def';
const createGroupIndex = (index: number) => Math.floor(index / 1000) * 1000;


@ -0,0 +1,38 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import * as rt from 'io-ts';
import base from '../composable/component/base.json';
import event from '../composable/component/event.json';
import host from '../composable/component/host.json';
import metricset from '../composable/component/metricset.json';
import system from '../composable/component/system.json';
import template from '../composable/template.json';
const IndexTemplateDefRT = rt.type({
namespace: rt.string,
template: rt.UnknownRecord,
components: rt.array(rt.type({ name: rt.string, template: rt.UnknownRecord })),
});
export type IndexTemplateDef = rt.TypeOf<typeof IndexTemplateDefRT>;
const ECS_VERSION = template._meta.ecs_version;
const components = [
{ name: `fake_hosts_${ECS_VERSION}_base`, template: base },
{ name: `fake_hosts_${ECS_VERSION}_event`, template: event },
{ name: `fake_hosts_${ECS_VERSION}_host`, template: host },
{ name: `fake_hosts_${ECS_VERSION}_metricset`, template: metricset },
{ name: `fake_hosts_${ECS_VERSION}_system`, template: system },
];
export const indexTemplate: IndexTemplateDef = {
namespace: 'fake_hosts',
template: { ...template, composed_of: components.map(({ name }) => name) },
components,
};
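Review bot: The spread in `template: { ...template, composed_of: components.map(({ name }) => name) }` silently replaces the `composed_of` list that template.json declares (`ecs_8.0.0_base` and the rest) with the `fake_hosts_…` names, and nothing here or in the JSON says so. Anyone reading template.json alone would expect the `ecs_8.0.0_*` components to exist on the cluster, which this code never installs. I would add a comment above `indexTemplate`, for example `// composed_of from template.json is overridden with the component names installed by manage_template.ts`, or drop the list from the JSON. Separately, `IndexTemplateDefRT` is only used to derive the type in the visible lines, so the imported JSON is never decoded against it at runtime.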


@ -1,218 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
export const template = {
order: 1,
index_patterns: ['kbn-data-forge*'],
settings: {
index: {
mapping: {
total_fields: {
limit: '10000',
},
},
number_of_shards: '1',
number_of_replicas: '0',
query: {
default_field: ['message', 'labels.*', 'event.*'],
},
},
},
mappings: {
dynamic_templates: [
{
labels: {
path_match: 'labels.*',
mapping: {
type: 'keyword',
},
match_mapping_type: 'string',
},
},
{
strings_as_keyword: {
mapping: {
ignore_above: 1024,
type: 'keyword',
},
match_mapping_type: 'string',
},
},
],
date_detection: false,
properties: {
'@timestamp': {
type: 'date',
},
tags: {
type: 'keyword',
},
metricset: {
properties: {
period: {
type: 'long',
},
},
},
host: {
properties: {
name: {
type: 'keyword',
ignore_above: 256,
},
network: {
properties: {
name: {
type: 'keyword',
ignore_above: 256,
},
},
},
},
},
event: {
properties: {
dataset: {
type: 'keyword',
ignore_above: 256,
},
module: {
type: 'keyword',
ignore_above: 256,
},
},
},
system: {
properties: {
cpu: {
properties: {
cores: {
type: 'long',
},
total: {
properties: {
norm: {
properties: {
pct: {
scaling_factor: 1000,
type: 'scaled_float',
},
},
},
},
},
user: {
properties: {
pct: {
scaling_factor: 1000,
type: 'scaled_float',
},
norm: {
properties: {
pct: {
scaling_factor: 1000,
type: 'scaled_float',
},
},
},
},
},
system: {
properties: {
pct: {
scaling_factor: 1000,
type: 'scaled_float',
},
},
},
},
},
network: {
properties: {
name: {
type: 'keyword',
ignore_above: 256,
},
in: {
properties: {
bytes: {
type: 'long',
},
},
},
out: {
properties: {
bytes: {
type: 'long',
},
},
},
},
},
},
},
container: {
properties: {
id: {
type: 'keyword',
ignore_above: 256,
},
name: {
type: 'keyword',
ignore_above: 256,
},
cpu: {
properties: {
cores: {
type: 'long',
},
total: {
properties: {
norm: {
properties: {
pct: {
scaling_factor: 1000,
type: 'scaled_float',
},
},
},
},
},
user: {
properties: {
pct: {
scaling_factor: 1000,
type: 'scaled_float',
},
norm: {
properties: {
pct: {
scaling_factor: 1000,
type: 'scaled_float',
},
},
},
},
},
system: {
properties: {
pct: {
scaling_factor: 1000,
type: 'scaled_float',
},
},
},
},
},
},
},
},
},
aliases: {
'metrics-fake_hosts': {},
},
};


@ -1,28 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import type { Client } from '@elastic/elasticsearch';
import type { ToolingLog } from '@kbn/tooling-log';
export function installTemplate(
client: Client,
template: object,
namespace: string,
logger: ToolingLog
) {
logger.debug(`installTemplate > template name: kbn-data-forge-${namespace}`);
return client.indices
.putTemplate({ name: `kbn-data-forge-${namespace}`, body: template })
.catch((error: any) => logger.error(`installTemplate > ${JSON.stringify(error)}`));
}
export function deleteTemplate(client: Client, namespace: string, logger: ToolingLog) {
logger.debug(`deleteTemplate > template name: kbn-data-forge-${namespace}`);
return client.indices
.deleteTemplate({ name: `kbn-data-forge-${namespace}` })
.catch((error: any) => logger.error(`deleteTemplate > ${JSON.stringify(error)}`));
}


@ -0,0 +1,59 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import type { Client } from '@elastic/elasticsearch';
import type { ToolingLog } from '@kbn/tooling-log';
import { IndexTemplateDef } from '../data_sources/fake_hosts/index_template_def';
export async function installTemplate(
client: Client,
template: IndexTemplateDef,
namespace: string,
logger: ToolingLog
) {
logger.info(`Installing index templates (${namespace})`);
const componentNames = template.components.map(({ name }) => name);
logger.info(`Installing components for ${template.namespace} (${componentNames})`);
for (const component of template.components) {
await client.cluster
.putComponentTemplate({
name: component.name,
...component.template,
})
.catch((error) => logger.error(`Failed installing component > ${JSON.stringify(error)}`));
}
logger.info(`Installing index template (${template.namespace})`);
await client.indices
.putIndexTemplate({
name: template.namespace,
...template.template,
})
.catch((error) => logger.error(`Failed installing template > ${JSON.stringify(error)}`));
}
export async function deleteTemplate(
client: Client,
template: IndexTemplateDef,
logger: ToolingLog
) {
logger.info(`deleteIndexTemplate > template name: ${template.namespace}`);
await client.indices
.deleteIndexTemplate({
name: template.namespace,
})
.catch((error: any) =>
logger.error(`deleteIndexTemplate > ${template.namespace} ${JSON.stringify(error)}`)
);
for (const component of template.components) {
logger.info(`deleteComponents > component name: ${component.name}`);
await client.cluster
.deleteComponentTemplate({ name: component.name })
.catch((error: any) =>
logger.error(`deleteComponents > ${component.name} ${JSON.stringify(error)}`)
);
}
}
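Review bot: Every `.catch` in `installTemplate` logs and then swallows the error, so a failed `putComponentTemplate` still falls through to `putIndexTemplate`, and a failure there still lets the caller go on to index documents without the intended mappings. For a helper whose only job is to prepare test fixtures, the failure should surface where it happens: log `error.message` and then `throw error;` in the install path. Best-effort handling is reasonable only in `deleteTemplate`. The `namespace` parameter of `installTemplate` is now used only in the first log line, while the template name comes from `template.namespace`; either drop it or assert that the two agree. `JSON.stringify(error)` on a client error may also serialise request metadata into the test log, so logging the message and status is the safer default.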


@ -24,7 +24,7 @@ export const createQueue = (
logger.debug(`createQueue > index name: ${indexName}`);
return async.cargoQueue(
(docs: object[], callback) => {
const body: any[] = [];
const body: object[] = [];
docs.forEach((doc) => {
body.push({
create: {
@ -34,7 +34,7 @@ export const createQueue = (
body.push(omit(doc, 'namespace'));
});
esClient
.bulk({ body })
.bulk({ body, refresh: true })
.then((resp) => {
if (resp.errors) {
logger.error(
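Review bot: `.bulk({ body, refresh: true })` forces an index refresh on every cargo batch, which is the most expensive of the refresh options and is paid once per bulk request rather than once per data set. If the goal is only that the documents are searchable before the rule runs, `refresh: 'wait_for'` gives the same visibility guarantee without forcing a refresh, or a single `indices.refresh` after the queue drains would do. A short comment on why the refresh is needed (the Serverless tests, judging by the commit title) would keep the flag from being removed later as an apparent leftover. The `createQueue` callback continues past the end of this hunk.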


@ -12,7 +12,7 @@ import type { Moment } from 'moment';
import type { ToolingLog } from '@kbn/tooling-log';
import type { Client } from '@elastic/elasticsearch';
import { createQueue, getIndexName } from './lib/queue';
import { deleteTemplate, installTemplate } from './lib/install_template';
import { deleteTemplate, installTemplate } from './lib/manage_template';
import * as fakeHosts from './data_sources/fake_hosts';
const generateEventsFns = {
@ -20,7 +20,7 @@ const generateEventsFns = {
};
const templates = {
fake_hosts: fakeHosts.template,
fake_hosts: fakeHosts.indexTemplate,
};
const EVENTS_PER_CYCLE = 1;
@ -68,5 +68,6 @@ export const generate = async ({
};
export const cleanup = async ({ esClient, logger }: { esClient: Client; logger: ToolingLog }) => {
await deleteTemplate(esClient, DATASET, logger);
const template = templates[DATASET];
await deleteTemplate(esClient, template, logger);
};


@ -28,6 +28,9 @@ export default function ({ getService }: FtrProviderContext) {
describe('Custom Threshold rule - AVG - PCT - FIRED', () => {
const CUSTOM_THRESHOLD_RULE_ALERT_INDEX = '.alerts-observability.threshold.alerts-default';
const ALERT_ACTION_INDEX = 'alert-action-threshold';
// DATE_VIEW should match the index template:
// x-pack/packages/kbn-infra-forge/src/data_sources/composable/template.json
const DATE_VIEW = 'kbn-data-forge-fake_hosts';
const DATA_VIEW_ID = 'data-view-id';
let infraDataIndex: string;
let actionId: string;
@ -37,9 +40,9 @@ export default function ({ getService }: FtrProviderContext) {
infraDataIndex = await generate({ esClient, lookback: 'now-15m', logger });
await createDataView({
supertest,
name: 'metrics-fake_hosts',
name: DATE_VIEW,
id: DATA_VIEW_ID,
title: 'metrics-fake_hosts',
title: DATE_VIEW,
});
});
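Review bot: The new constant is named `DATE_VIEW` but holds the data view name and title passed to `createDataView`, next to `DATA_VIEW_ID`, so it reads like a typo for `DATA_VIEW`; something like `DATA_VIEW_TITLE` would say what it is. The same three lines (comment plus `const DATE_VIEW = 'kbn-data-forge-fake_hosts';`) are repeated in every Custom Threshold test file this commit touches, and the comment asks the reader to keep the literal in sync with template.json by hand. Exporting the index pattern once from the kbn-infra-forge package and importing it in the tests would remove both the duplication and the manual sync. The `describe` body continues outside these hunks.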


@ -34,6 +34,9 @@ export default function ({ getService }: FtrProviderContext) {
describe('Custom Threshold rule - CUSTOM_EQ - AVG - BYTES - FIRED', () => {
const CUSTOM_THRESHOLD_RULE_ALERT_INDEX = '.alerts-observability.threshold.alerts-default';
const ALERT_ACTION_INDEX = 'alert-action-threshold';
// DATE_VIEW should match the index template:
// x-pack/packages/kbn-infra-forge/src/data_sources/composable/template.json
const DATE_VIEW = 'kbn-data-forge-fake_hosts';
const DATA_VIEW_ID = 'data-view-id';
let infraDataIndex: string;
let actionId: string;
@ -43,9 +46,9 @@ export default function ({ getService }: FtrProviderContext) {
infraDataIndex = await generate({ esClient, lookback: 'now-15m', logger });
await createDataView({
supertest,
name: 'metrics-fake_hosts',
name: DATE_VIEW,
id: DATA_VIEW_ID,
title: 'metrics-fake_hosts',
title: DATE_VIEW,
});
});


@ -28,6 +28,9 @@ export default function ({ getService }: FtrProviderContext) {
describe('Custom Threshold rule - DOCUMENTS_COUNT - FIRED', () => {
const CUSTOM_THRESHOLD_RULE_ALERT_INDEX = '.alerts-observability.threshold.alerts-default';
const ALERT_ACTION_INDEX = 'alert-action-threshold';
// DATE_VIEW should match the index template:
// x-pack/packages/kbn-infra-forge/src/data_sources/composable/template.json
const DATE_VIEW = 'kbn-data-forge-fake_hosts';
const DATA_VIEW_ID = 'data-view-id';
let infraDataIndex: string;
let actionId: string;
@ -37,9 +40,9 @@ export default function ({ getService }: FtrProviderContext) {
infraDataIndex = await generate({ esClient, lookback: 'now-15m', logger });
await createDataView({
supertest,
name: 'metrics-fake_hosts',
name: DATE_VIEW,
id: DATA_VIEW_ID,
title: 'metrics-fake_hosts',
title: DATE_VIEW,
});
});


@ -41,6 +41,9 @@ export default function ({ getService }: FtrProviderContext) {
describe('Custom Threshold rule - GROUP_BY - FIRED', () => {
const CUSTOM_THRESHOLD_RULE_ALERT_INDEX = '.alerts-observability.threshold.alerts-default';
const ALERT_ACTION_INDEX = 'alert-action-threshold';
// DATE_VIEW should match the index template:
// x-pack/packages/kbn-infra-forge/src/data_sources/composable/template.json
const DATE_VIEW = 'kbn-data-forge-fake_hosts';
const DATA_VIEW_ID = 'data-view-id';
let infraDataIndex: string;
let actionId: string;
@ -50,9 +53,9 @@ export default function ({ getService }: FtrProviderContext) {
infraDataIndex = await generate({ esClient, lookback: 'now-15m', logger });
await createDataView({
supertest,
name: 'metrics-fake_hosts',
name: DATE_VIEW,
id: DATA_VIEW_ID,
title: 'metrics-fake_hosts',
title: DATE_VIEW,
});
});


@ -36,6 +36,12 @@ export default function ({ getService }: FtrProviderContext) {
describe('alert and action creation', () => {
before(async () => {
await supertest.patch(`/api/metrics/source/default`).set('kbn-xsrf', 'foo').send({
anomalyThreshold: 50,
description: '',
metricAlias: 'kbn-data-forge*',
name: 'Default',
});
infraDataIndex = await generate({ esClient, lookback: 'now-15m', logger });
actionId = await createIndexConnector({
supertest,
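Review bot: The added `supertest.patch('/api/metrics/source/default')` call never checks its response, so a rejected or failed source update would only show up later as an alert that does not fire, far from the cause. Chaining `.expect(200)` after `.send({...})` would make the setup fail at the right place. The hunk also changes the shared `default` metrics source to `metricAlias: 'kbn-data-forge*'`, and no restore is visible in these lines. If the `after` hook outside the hunk does not reset it, later suites on the same Kibana instance inherit the setting.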


@ -23,10 +23,11 @@ export default function ({ getService }: FtrProviderContext) {
const dataViewApi = getService('dataViewApi');
const logger = getService('log');
// Blocked API: index_not_found_exception: no such index [.alerts-observability.threshold.alerts-default]
// Issue: https://github.com/elastic/kibana/issues/165138
describe.skip('Custom Threshold rule - AVG - PCT - FIRED', () => {
describe('Custom Threshold rule - AVG - PCT - FIRED', () => {
const CUSTOM_THRESHOLD_RULE_ALERT_INDEX = '.alerts-observability.threshold.alerts-default';
// DATE_VIEW should match the index template:
// x-pack/packages/kbn-infra-forge/src/data_sources/composable/template.json
const DATE_VIEW = 'kbn-data-forge-fake_hosts';
const ALERT_ACTION_INDEX = 'alert-action-threshold';
const DATA_VIEW_ID = 'data-view-id';
let infraDataIndex: string;
@ -34,11 +35,15 @@ export default function ({ getService }: FtrProviderContext) {
let ruleId: string;
before(async () => {
infraDataIndex = await generate({ esClient, lookback: 'now-15m', logger });
infraDataIndex = await generate({
esClient,
lookback: 'now-15m',
logger,
});
await dataViewApi.create({
name: 'metrics-fake_hosts',
name: DATE_VIEW,
id: DATA_VIEW_ID,
title: 'metrics-fake_hosts',
title: DATE_VIEW,
});
});
@ -57,7 +62,7 @@ export default function ({ getService }: FtrProviderContext) {
});
await esClient.deleteByQuery({
index: '.kibana-event-log-*',
query: { term: { 'kibana.alert.rule.consumer': 'logs' } },
query: { term: { 'kibana.alert.rule.consumer': 'apm' } },
});
await dataViewApi.delete({
id: DATA_VIEW_ID,
@ -75,7 +80,7 @@ export default function ({ getService }: FtrProviderContext) {
const createdRule = await alertingApi.createRule({
tags: ['observability'],
consumer: 'logs',
consumer: 'apm',
name: 'Threshold rule',
ruleTypeId: OBSERVABILITY_THRESHOLD_RULE_TYPE_ID,
params: {
@ -142,7 +147,7 @@ export default function ({ getService }: FtrProviderContext) {
'kibana.alert.rule.category',
'Custom threshold (BETA)'
);
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.consumer', 'logs');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.consumer', 'apm');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.name', 'Threshold rule');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.producer', 'observability');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.revision', 0);
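Review bot: The consumer literal `'apm'` now appears three times in this file (the `deleteByQuery` term, `createRule`, and the `kibana.alert.rule.consumer` assertion), and the cleanup only works while all three agree. A single `const CONSUMER = 'apm';` beside `DATE_VIEW` would make the next consumer change a one-line edit. The other Serverless Custom Threshold files in this commit repeat the same pattern. The cleanup query also matches every `.kibana-event-log-*` document with that consumer, not just this rule's, which is worth a comment if other suites sharing the cluster create `apm` rules. The comment that recorded why the suite was skipped is removed with `describe.skip`, so the file no longer says why `apm` is used instead of `logs`; a one-line note would help.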


@ -20,9 +20,7 @@ export default function ({ getService }: FtrProviderContext) {
const alertingApi = getService('alertingApi');
const dataViewApi = getService('dataViewApi');
// Blocked API: index_not_found_exception: no such index [.alerts-observability.threshold.alerts-default]
// Issue: https://github.com/elastic/kibana/issues/165138
describe.skip('Custom Threshold rule - AVG - PCT - NoData', () => {
describe('Custom Threshold rule - AVG - PCT - NoData', () => {
const CUSTOM_THRESHOLD_RULE_ALERT_INDEX = '.alerts-observability.threshold.alerts-default';
const ALERT_ACTION_INDEX = 'alert-action-threshold';
const DATA_VIEW_ID = 'data-view-id-no-data';
@ -52,7 +50,7 @@ export default function ({ getService }: FtrProviderContext) {
});
await esClient.deleteByQuery({
index: '.kibana-event-log-*',
query: { term: { 'kibana.alert.rule.consumer': 'logs' } },
query: { term: { 'kibana.alert.rule.consumer': 'apm' } },
});
await dataViewApi.delete({
id: DATA_VIEW_ID,
@ -68,7 +66,7 @@ export default function ({ getService }: FtrProviderContext) {
const createdRule = await alertingApi.createRule({
tags: ['observability'],
consumer: 'logs',
consumer: 'apm',
name: 'Threshold rule',
ruleTypeId: OBSERVABILITY_THRESHOLD_RULE_TYPE_ID,
params: {
@ -135,7 +133,7 @@ export default function ({ getService }: FtrProviderContext) {
'kibana.alert.rule.category',
'Custom threshold (BETA)'
);
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.consumer', 'logs');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.consumer', 'apm');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.name', 'Threshold rule');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.producer', 'observability');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.revision', 0);


@ -29,9 +29,11 @@ export default function ({ getService }: FtrProviderContext) {
const alertingApi = getService('alertingApi');
const dataViewApi = getService('dataViewApi');
// Issue: https://github.com/elastic/kibana/issues/165138
describe.skip('Custom Threshold rule - CUSTOM_EQ - AVG - BYTES - FIRED', () => {
describe('Custom Threshold rule - CUSTOM_EQ - AVG - BYTES - FIRED', () => {
const CUSTOM_THRESHOLD_RULE_ALERT_INDEX = '.alerts-observability.threshold.alerts-default';
// DATE_VIEW should match the index template:
// x-pack/packages/kbn-infra-forge/src/data_sources/composable/template.json
const DATE_VIEW = 'kbn-data-forge-fake_hosts';
const ALERT_ACTION_INDEX = 'alert-action-threshold';
const DATA_VIEW_ID = 'data-view-id';
let infraDataIndex: string;
@ -41,9 +43,9 @@ export default function ({ getService }: FtrProviderContext) {
before(async () => {
infraDataIndex = await generate({ esClient, lookback: 'now-15m', logger });
await dataViewApi.create({
name: 'metrics-fake_hosts',
name: DATE_VIEW,
id: DATA_VIEW_ID,
title: 'metrics-fake_hosts',
title: DATE_VIEW,
});
});
@ -80,7 +82,7 @@ export default function ({ getService }: FtrProviderContext) {
const createdRule = await alertingApi.createRule({
tags: ['observability'],
consumer: 'logs',
consumer: 'apm',
name: 'Threshold rule',
ruleTypeId: OBSERVABILITY_THRESHOLD_RULE_TYPE_ID,
params: {
@ -149,7 +151,7 @@ export default function ({ getService }: FtrProviderContext) {
'kibana.alert.rule.category',
'Custom threshold (BETA)'
);
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.consumer', 'logs');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.consumer', 'apm');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.name', 'Threshold rule');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.producer', 'observability');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.revision', 0);


@ -23,9 +23,11 @@ export default function ({ getService }: FtrProviderContext) {
const alertingApi = getService('alertingApi');
const dataViewApi = getService('dataViewApi');
// Issue: https://github.com/elastic/kibana/issues/165138
describe.skip('Custom Threshold rule - DOCUMENTS_COUNT - FIRED', () => {
describe('Custom Threshold rule - DOCUMENTS_COUNT - FIRED', () => {
const CUSTOM_THRESHOLD_RULE_ALERT_INDEX = '.alerts-observability.threshold.alerts-default';
// DATE_VIEW should match the index template:
// x-pack/packages/kbn-infra-forge/src/data_sources/composable/template.json
const DATE_VIEW = 'kbn-data-forge-fake_hosts';
const ALERT_ACTION_INDEX = 'alert-action-threshold';
const DATA_VIEW_ID = 'data-view-id';
let infraDataIndex: string;
@ -35,9 +37,9 @@ export default function ({ getService }: FtrProviderContext) {
before(async () => {
infraDataIndex = await generate({ esClient, lookback: 'now-15m', logger });
await dataViewApi.create({
name: 'metrics-fake_hosts',
name: DATE_VIEW,
id: DATA_VIEW_ID,
title: 'metrics-fake_hosts',
title: DATE_VIEW,
});
});
@ -56,7 +58,7 @@ export default function ({ getService }: FtrProviderContext) {
});
await esClient.deleteByQuery({
index: '.kibana-event-log-*',
query: { term: { 'kibana.alert.rule.consumer': 'logs' } },
query: { term: { 'kibana.alert.rule.consumer': 'apm' } },
});
await dataViewApi.delete({
id: DATA_VIEW_ID,
@ -74,7 +76,7 @@ export default function ({ getService }: FtrProviderContext) {
const createdRule = await alertingApi.createRule({
tags: ['observability'],
consumer: 'logs',
consumer: 'apm',
name: 'Threshold rule',
ruleTypeId: OBSERVABILITY_THRESHOLD_RULE_TYPE_ID,
params: {
@ -139,7 +141,7 @@ export default function ({ getService }: FtrProviderContext) {
'kibana.alert.rule.category',
'Custom threshold (BETA)'
);
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.consumer', 'logs');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.consumer', 'apm');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.name', 'Threshold rule');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.producer', 'observability');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.revision', 0);


@ -33,9 +33,11 @@ export default function ({ getService }: FtrProviderContext) {
let alertId: string;
let startedAt: string;
// Issue: https://github.com/elastic/kibana/issues/165138
describe.skip('Custom Threshold rule - GROUP_BY - FIRED', () => {
describe('Custom Threshold rule - GROUP_BY - FIRED', () => {
const CUSTOM_THRESHOLD_RULE_ALERT_INDEX = '.alerts-observability.threshold.alerts-default';
// DATE_VIEW should match the index template:
// x-pack/packages/kbn-infra-forge/src/data_sources/composable/template.json
const DATE_VIEW = 'kbn-data-forge-fake_hosts';
const ALERT_ACTION_INDEX = 'alert-action-threshold';
const DATA_VIEW_ID = 'data-view-id';
let infraDataIndex: string;
@ -45,9 +47,9 @@ export default function ({ getService }: FtrProviderContext) {
before(async () => {
infraDataIndex = await generate({ esClient, lookback: 'now-15m', logger });
await dataViewApi.create({
name: 'metrics-fake_hosts',
name: DATE_VIEW,
id: DATA_VIEW_ID,
title: 'metrics-fake_hosts',
title: DATE_VIEW,
});
});
@ -66,7 +68,7 @@ export default function ({ getService }: FtrProviderContext) {
});
await esClient.deleteByQuery({
index: '.kibana-event-log-*',
query: { term: { 'kibana.alert.rule.consumer': 'logs' } },
query: { term: { 'kibana.alert.rule.consumer': 'apm' } },
});
await dataViewApi.delete({
id: DATA_VIEW_ID,
@ -84,7 +86,7 @@ export default function ({ getService }: FtrProviderContext) {
const createdRule = await alertingApi.createRule({
tags: ['observability'],
consumer: 'logs',
consumer: 'apm',
name: 'Threshold rule',
ruleTypeId: OBSERVABILITY_THRESHOLD_RULE_TYPE_ID,
params: {
@ -158,7 +160,7 @@ export default function ({ getService }: FtrProviderContext) {
'kibana.alert.rule.category',
'Custom threshold (BETA)'
);
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.consumer', 'logs');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.consumer', 'apm');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.name', 'Threshold rule');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.producer', 'observability');
expect(resp.hits.hits[0]._source).property('kibana.alert.rule.revision', 0);
@ -224,7 +226,8 @@ export default function ({ getService }: FtrProviderContext) {
expect(resp.hits.hits[0]._source?.ruleType).eql('observability.rules.custom_threshold');
expect(resp.hits.hits[0]._source?.alertDetailsUrl).eql(
`${protocol}://${hostname}:${port}/app/observability/alerts?_a=(kuery:%27kibana.alert.uuid:%20%22${alertId}%22%27%2CrangeFrom:%27${rangeFrom}%27%2CrangeTo:now%2Cstatus:all)`
// Added the S to protocol.getUrlParts as not returning the correct value.
`${protocol}s://${hostname}:${port}/app/observability/alerts?_a=(kuery:%27kibana.alert.uuid:%20%22${alertId}%22%27%2CrangeFrom:%27${rangeFrom}%27%2CrangeTo:now%2Cstatus:all)`
);
expect(resp.hits.hits[0]._source?.reason).eql(
'Custom equation is 0.8 in the last 1 min for host-0. Alert when >= 0.2.'